Message ID | 1300738540.2837.5.camel@edumazet-laptop |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
On Mon, Mar 21, 2011 at 09:15:40PM +0100, Eric Dumazet wrote: > Le lundi 21 mars 2011 à 19:07 +0100, Eric Dumazet a écrit : > > Le lundi 21 mars 2011 à 18:39 +0100, Ingo Molnar a écrit : > > > here's the same but with kallsyms enabled. > > > > > > Thanks, > > > > > > Ingo > > > > > > [ 9.585627] initcall 0xffffffff81d5b806 returned 0 after 0 usecs > > > [ 9.588960] calling 0xffffffff81d5b9da @ 1 > > > [ 9.592303] IPVS: Creating netns size=1272 id=0 > > > [ 9.595646] IPVS: __ip_vs_control_init(): alloc_percpu. > > > [ 9.602298] IPVS: cannot register namespace. > > > [ 9.605627] IPVS: can't setup control > > > > It seems IPVS is busted in case of memory allocation error in > > __ip_vs_control_init() > > > > IPVS deinits its "struct netns_ipvs" space, but something (in IPVS) uses > > it after free. > > > > __ip_vs_init() seems to be called before ip_vs_init() completes > > correctly. We then keep in net->ipvs a pointer to some freed memory. > > > > Commit 14e405461e664b7 did some changes in this area > > > > Simon, any idea ? > > > > > > For the time being, we can avoid the false memory allocation error (and > leak) Sorry, that typo is my work. > Thanks > > [PATCH] ipvs: fix a typo in __ip_vs_control_init() > > Reported-by: Ingo Molnar <mingo@elte.hu> > Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> > Cc: Simon Horman <horms@verge.net.au> > Cc: Julian Anastasov <ja@ssi.bg> Acked-by: Simon Horman <horms@verge.net.au> > --- > net/netfilter/ipvs/ip_vs_ctl.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c > index b799cea..33733c8 100644 > --- a/net/netfilter/ipvs/ip_vs_ctl.c > +++ b/net/netfilter/ipvs/ip_vs_ctl.c > @@ -3605,7 +3605,7 @@ int __net_init __ip_vs_control_init(struct net *net) > > /* procfs stats */ > ipvs->tot_stats.cpustats = alloc_percpu(struct ip_vs_cpu_stats); > - if (ipvs->tot_stats.cpustats) { > + if (!ipvs->tot_stats.cpustats) { > pr_err("%s(): alloc_percpu.\n", __func__); > return -ENOMEM; > } > > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Mar 22, 2011 at 07:13:58AM +0900, Simon Horman wrote: > On Mon, Mar 21, 2011 at 09:15:40PM +0100, Eric Dumazet wrote: > > Le lundi 21 mars 2011 à 19:07 +0100, Eric Dumazet a écrit : > > > Le lundi 21 mars 2011 à 18:39 +0100, Ingo Molnar a écrit : > > > > here's the same but with kallsyms enabled. > > > > > > > > Thanks, > > > > > > > > Ingo > > > > > > > > [ 9.585627] initcall 0xffffffff81d5b806 returned 0 after 0 usecs > > > > [ 9.588960] calling 0xffffffff81d5b9da @ 1 > > > > [ 9.592303] IPVS: Creating netns size=1272 id=0 > > > > [ 9.595646] IPVS: __ip_vs_control_init(): alloc_percpu. > > > > [ 9.602298] IPVS: cannot register namespace. > > > > [ 9.605627] IPVS: can't setup control > > > > > > It seems IPVS is busted in case of memory allocation error in > > > __ip_vs_control_init() > > > > > > IPVS deinits its "struct netns_ipvs" space, but something (in IPVS) uses > > > it after free. > > > > > > __ip_vs_init() seems to be called before ip_vs_init() completes > > > correctly. We then keep in net->ipvs a pointer to some freed memory. > > > > > > Commit 14e405461e664b7 did some changes in this area > > > > > > Simon, any idea ? > > > > > > > > > > For the time being, we can avoid the false memory allocation error (and > > leak) > > Sorry, that typo is my work. With your patch applied I now see the following ffff880003bbf1a0 corresponds to &ipvs->app_key in __ip_vs_app_init(). I'll continue looking into this. [ 12.610000] IPVS: Creating netns size=2456 id=0 [ 12.630000] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP) [ 12.640000] BUG: key ffff880003bbf1a0 not in .data! [ 12.640000] ------------[ cut here ]------------ [ 12.640000] WARNING: at kernel/lockdep.c:2701 lockdep_init_map+0x37b/0x570() [ 12.640000] Hardware name: Bochs [ 12.640000] Pid: 1, comm: swapper Tainted: G W 2.6.38-kexec-06330-g69b7efe-dirty #122 [ 12.650000] Call Trace: [ 12.650000] [<ffffffff8102e685>] warn_slowpath_common+0x75/0xb0 [ 12.650000] [<ffffffff8102e6d5>] warn_slowpath_null+0x15/0x20 [ 12.650000] [<ffffffff8105967b>] lockdep_init_map+0x37b/0x570 [ 12.650000] [<ffffffff8105829d>] ? trace_hardirqs_on+0xd/0x10 [ 12.650000] [<ffffffff81055ad8>] debug_mutex_init+0x38/0x50 [ 12.650000] [<ffffffff8104bc4c>] __mutex_init+0x5c/0x70 [ 12.650000] [<ffffffff81685ee7>] __ip_vs_app_init+0x64/0x86 [ 12.660000] [<ffffffff81685a3b>] ? ip_vs_init+0x0/0xff [ 12.660000] [<ffffffff811b1c33>] T.620+0x43/0x170 [ 12.660000] [<ffffffff811b1e9a>] ? register_pernet_subsys+0x1a/0x40 [ 12.660000] [<ffffffff81685a3b>] ? ip_vs_init+0x0/0xff [ 12.660000] [<ffffffff81685a3b>] ? ip_vs_init+0x0/0xff [ 12.660000] [<ffffffff811b1db7>] register_pernet_operations+0x57/0xb0 [ 12.660000] [<ffffffff81685a3b>] ? ip_vs_init+0x0/0xff [ 12.670000] [<ffffffff811b1ea9>] register_pernet_subsys+0x29/0x40 [ 12.670000] [<ffffffff81685f19>] ip_vs_app_init+0x10/0x12 [ 12.670000] [<ffffffff81685a87>] ip_vs_init+0x4c/0xff [ 12.670000] [<ffffffff8166562c>] do_one_initcall+0x7a/0x12e [ 12.670000] [<ffffffff8166583e>] kernel_init+0x13e/0x1c2 [ 12.670000] [<ffffffff8128c134>] kernel_thread_helper+0x4/0x10 [ 12.670000] [<ffffffff8128ad40>] ? restore_args+0x0/0x30 [ 12.680000] [<ffffffff81665700>] ? kernel_init+0x0/0x1c2 [ 12.680000] [<ffffffff8128c130>] ? kernel_thread_helper+0x0/0x10 [ 12.680000] ---[ end trace 4eaa2a86a8e2da23 ]--- -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
From: Simon Horman <horms@verge.net.au> Date: Tue, 22 Mar 2011 07:13:58 +0900 > On Mon, Mar 21, 2011 at 09:15:40PM +0100, Eric Dumazet wrote: >> [PATCH] ipvs: fix a typo in __ip_vs_control_init() >> >> Reported-by: Ingo Molnar <mingo@elte.hu> >> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> >> Cc: Simon Horman <horms@verge.net.au> >> Cc: Julian Anastasov <ja@ssi.bg> > > Acked-by: Simon Horman <horms@verge.net.au> Applied. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
* Eric Dumazet <eric.dumazet@gmail.com> wrote:
> [PATCH] ipvs: fix a typo in __ip_vs_control_init()
This fix and Simon's:
IPVS: Use global mutex in ip_vs_app.c
Did the trick here, the IPVS related SLAB corruptions are now gone.
Thanks guys!
Ingo
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Le mardi 22 mars 2011 à 10:56 +0100, Ingo Molnar a écrit : > * Eric Dumazet <eric.dumazet@gmail.com> wrote: > > > [PATCH] ipvs: fix a typo in __ip_vs_control_init() > > This fix and Simon's: > > IPVS: Use global mutex in ip_vs_app.c > > Did the trick here, the IPVS related SLAB corruptions are now gone. > > Thanks guys! Thanks for testing Ingo ;) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Mar 22, 2011 at 11:00:39AM +0100, Eric Dumazet wrote: > Le mardi 22 mars 2011 à 10:56 +0100, Ingo Molnar a écrit : > > * Eric Dumazet <eric.dumazet@gmail.com> wrote: > > > > > [PATCH] ipvs: fix a typo in __ip_vs_control_init() > > > > This fix and Simon's: > > > > IPVS: Use global mutex in ip_vs_app.c > > > > Did the trick here, the IPVS related SLAB corruptions are now gone. > > > > Thanks guys! > > Thanks for testing Ingo ;) Yes, thanks Ingo. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index b799cea..33733c8 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -3605,7 +3605,7 @@ int __net_init __ip_vs_control_init(struct net *net) /* procfs stats */ ipvs->tot_stats.cpustats = alloc_percpu(struct ip_vs_cpu_stats); - if (ipvs->tot_stats.cpustats) { + if (!ipvs->tot_stats.cpustats) { pr_err("%s(): alloc_percpu.\n", __func__); return -ENOMEM; }